Overview

overview

10

Static

static

3

1df5dca24a...cb.exe

windows7-x64

8

1df5dca24a...cb.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    137s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 16:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1df5dca24abbdb6cd72848ca85db147e3fc740295a92d1636836e65d045a84cb.exe

  • Size

    4.9MB

  • MD5

    558788081d9a5590ea98cf49f5083487

  • SHA1

    31363c3c359638c656010186a967de5fda5c197d

  • SHA256

    1df5dca24abbdb6cd72848ca85db147e3fc740295a92d1636836e65d045a84cb

  • SHA512

    63a3c90d5f01532577a8e5105e83ef4c7de6fdcc668d8516f4dd6379f8f9f735ff00428673d4fa57881b7aebda0606c9fb36c6d0b66cdd5a062742aba59232e8

  • SSDEEP

    98304:44TjVBOWLl3ncPtJCIY2ivTY6oMcbKdzOJDb4v+:RBONJXt8U6oMcuwN0v+

Score
10/10
kinsingloader

Malware Config

Signatures

  • Kinsing

    Kinsing is a loader written in Golang.

    loaderkinsing
  • Downloads MZ/PE file
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1df5dca24abbdb6cd72848ca85db147e3fc740295a92d1636836e65d045a84cb.exe
    "C:\Users\Admin\AppData\Local\Temp\1df5dca24abbdb6cd72848ca85db147e3fc740295a92d1636836e65d045a84cb.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    1KB

    MD5

    9f8e2218fb5451aea0ce3842c2f5d183

    SHA1

    34dace065ae9292481c94bd9eed5c6129283fd89

    SHA256

    3561d20a8c2ecb8ac4a4443b3e4dea9e02641060e4a5388254dc747e9006bfab

    SHA512

    c46d892e586e971d4ff94e5311744362ab453ceff64b570c70b8a3ade2285833adc9013b96413891679b3d9466cb55347813c6461257f95e4ccfbb3eb62a881d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    3KB

    MD5

    a423ef1248a4f9465c4455ce283df5bc

    SHA1

    a6bedc269c4b9a747e09e8d82e30f9473d807078

    SHA256

    2b632b1d9e80e8fdf30dec55e08427b0b06e098cd026a48b95aec33afca5b057

    SHA512

    9bdaeec72ed1a804ad214597fc2c8edaa67a946f3d4c7e08b4da5e22725afb7fcad00fcd8278b870da34ee31093d742452f01150d337f48bed69901b1dafda5b

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\lite_installer.log
    Filesize

    4KB

    MD5

    394d73ce89837a3c9df844cebf27b7b4

    SHA1

    40c92fa776e5e54b08598eed3d09a815bbc5dabb

    SHA256

    ca09df1fdc4779b67efe07bf30fb352445a81cae52b6cc169e8c84f60b98429c

    SHA512

    5b8622481cf4d50114b96572103d96e90ae9acb0eecbd8d55c32b58f11c7b370395a16506e6d5a5cc3a8cf64634740b22011010e114ac8258faae23128aeccb9

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Yandex\ui
    Filesize

    38B

    MD5

    d55d84c8e080daae6ff3842f471f7cd2

    SHA1

    a0709e4f556e5f8b00a9368527e20be7bb02d5f7

    SHA256

    27092e85be75e620363cea7148b10d7159cceb91acfb6431c8ced01b658e561d

    SHA512

    4336f6b5366bc46b93bbf709500f278083970a3f627f6910e35c48bdd96c63620d197293678e025a5f00fdc3979123b0f0749c3d84004682bd488f159e04b4a1

    Download Submit